Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

3.5.1307.82 2.17%
3.5.1307.76 2.17%
3.5.1304.29 6.52%
3.5.1302.61 6.52%
3.5.1208.41 2.17%
3.5.1208.36 10.87%
3.5.1208.34 4.35%
3.5.1208.24 10.87%
3.5.1207.40 6.52%
3.5.1205.18 2.17%
3.5.1205.17 6.52%
3.5.1205.15 10.87%
3.5.1205.12 2.17%
3.5.1201.94 15.22%
3.5.1108.73 6.52%
3.5.1108.70 2.17%
3.5.1108.50 2.17%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
CryptGenRandom, OpenProcessToken, DuplicateTokenEx, GetLengthSid, SetTokenInformation, CreateProcessAsUserA, ConvertStringSidToSidW, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW, SetServiceStatus, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, GetTokenInformation, RegDeleteKeyW, RegQueryInfoKeyW, RegEnumKeyExW, RegSetValueExW, RegSetValueExA, RegOpenKeyA, CryptEncrypt, CryptAcquireContextW, CryptGenKey, CryptReleaseContext, CryptImportKey, CryptExportKey, CryptDestroyKey, RegOpenKeyExA, RegQueryValueExA, OpenSCManagerW, OpenServiceW, CloseServiceHandle, ConvertSidToStringSidA, AllocateAndInitializeSid, EqualSid, FreeSid, SetNamedSecurityInfoW, SetEntriesInAclW, GetEffectiveRightsFromAclW, GetNamedSecurityInfoW
kernel32.dll
GetProcessHeap, HeapFree, IsDebuggerPresent, UnhandledExceptionFilter, lstrcatW, lstrcpyW, lstrlenW, GetFullPathNameW, FindCloseChangeNotification, FindNextChangeNotification, FindFirstChangeNotificationW, FileTimeToLocalFileTime, OpenEventA, GetStartupInfoA, EnterCriticalSection, LeaveCriticalSection, GetLastError, InterlockedIncrement, InterlockedDecrement, Sleep, DeleteCriticalSection, InitializeCriticalSection, WaitForSingleObject, GetTickCount, CreateThread, CloseHandle, ProcessIdToSessionId, TerminateProcess, OpenProcess, GetModuleFileNameA, GetProcessTimes, GetExitCodeProcess, GetCurrentProcessId, GetModuleHandleW, GetCurrentThreadId, InterlockedCompareExchange, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetCurrentProcess, GetProcAddress, GetModuleHandleA, QueryPerformanceFrequency, SetLastError, GetFileAttributesW, InterlockedExchange, OutputDebugStringA, LoadLibraryA, GetCurrentThread, ResumeThread, GetThreadContext, SuspendThread, SleepEx, Process32NextW, Process32FirstW, CreateToolhelp32Snapshot, Module32NextW, Module32FirstW, FreeLibrary, CreateFileA, TlsGetValue, TlsAlloc, GetModuleFileNameW, VirtualQuery, RtlCaptureContext, GetSystemInfo, LocalFree, QueryDosDeviceA, MultiByteToWideChar, GetVersionExW, CreateFileW, WideCharToMultiByte, DeleteFileW, MoveFileW, CopyFileW, CreateDirectoryW, FindClose, RemoveDirectoryW, FindNextFileW, FindFirstFileW, FindNextFileA, FindFirstFileA, CompareFileTime, FlushInstructionCache, VirtualProtect, InterlockedExchangeAdd, GetSystemTime, SetEvent, WaitForMultipleObjects, ResetEvent, SetWaitableTimer, CancelWaitableTimer, CreateEventW, CreateWaitableTimerW, DeviceIoControl, ReadFile, GetSystemDirectoryA, GetWindowsDirectoryA, GetSystemTimeAsFileTime, lstrlenA, GetVolumeInformationA, FileTimeToSystemTime, CreateProcessW, GlobalFree, GlobalAlloc, LoadLibraryExA, GetFileAttributesA, IsWow64Process, GetFileTime
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ole32.dll
CoSetProxyBlanket, CoUninitialize, CoInitializeEx, CoCreateInstance, OleRun
psapi.dll
GetModuleInformation, GetModuleFileNameExA, EnumProcesses
rapportutil.dll
DllMain
shell32.dll
SHGetFolderPathW, SHGetFolderPathA
shlwapi.dll
PathAppendA, SHDeleteKeyW, AssocQueryStringA
trf.dll
iterate_pid_with_logs, env_alloc_default, stacktrace_get_stack_trace, counters_release, counters_acquire, env_is_inited, iterate_pid, env_get, get_application_directory, counters_get, GetCurrentSessionId, stacktrace_get_caller_module, stacktrace_get_stack_trace_unl, proctools_get_process_image_name, iterate_modules, set_application_directory
user32.dll
wsprintfW, MessageBoxA
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
version.dll
GetFileVersionInfoSizeW, VerQueryValueW, GetFileVersionInfoW
wininet.dll
InternetSetOptionA, HttpQueryInfoW, InternetGetConnectedState, InternetOpenA, InternetCrackUrlA, InternetCloseHandle, InternetReadFileExA, InternetSetStatusCallbackA, InternetSetOptionW, InternetConnectA, HttpOpenRequestA, HttpQueryInfoA, HttpSendRequestA
wtsapi32.dll
WTSFreeMemory, WTSQuerySessionInformationW, WTSEnumerateSessionsW, WTSQueryUserToken

rapportmgmtservice.exe

Rapport by Trusteer (Signed)

Remove rapportmgmtservice.exe
Version:   3.5.1108.70
MD5:   5bd5895f002438f4e1c50c09bf6f1ce2
SHA1:   05295d4d462381ae3ec1b2052c28550b26007dbf
SHA256:   73c6a70c4225cd9c8666a8b2069faf50d39f99e324cc5666cd3282c1a1d27e8d

What is rapportmgmtservice.exe?

Trusteer Rapport is lightweight security software designed to protect confidential data, such as account credentials, from being stolen by malicious software (malware) and via phishing. To achieve this goal, the software first includes anti-phishing measures to protect against misdirection and attempts to prevent malicious screen scraping.

Overview

rapportmgmtservice.exe runs as a service under the name Rapport Management Service (RapportMgmtService) with extensive SYSTEM privileges (full administrator access). The file is digitally signed by Trusteer which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:rapportmgmtservice.exe
Publisher:Trusteer Ltd.
Product name:Rapport
Description:RapportMgmtService
Typical file path:C:\Program Files\trusteer\rapport\bin\rapportmgmtservice.exe
Original name:RapportMgmtService
File version:3.5.1108.70
Size:909.8 KB (931,640 bytes)
Certificate
Issued to:Trusteer
Authority (CA):VeriSign
Effective date:Friday, February 12, 2010
Expiration date:Thursday, May 1, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'RapportMgmtService' (Rapport Management Service)
  • RapportMgmtService
Network connections
  • [UDP] listens on port 49152

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00023537%
    0.028634%
    Kernel CPU:0.00019473%
    0.013761%
    User CPU:0.00004063%
    0.014873%
    Kernel CPU time:871,578 ms/min
    100,923,805ms/min
    CPU cycles:23,301,260/sec
    17,470,203/sec
    Memory
    Private memory:16.89 MB
    21.59 MB
    Private (maximum):16.47 MB
    Private (minimum):12.63 MB
    Non-paged memory:16.89 MB
    21.59 MB
    Virtual memory:107.46 MB
    140.96 MB
    Virtual memory (peak):116.76 MB
    169.69 MB
    Working set:13.79 MB
    18.61 MB
    Working set (peak):17.45 MB
    37.95 MB
    Page faults:13,398,904/min
    2,039/min
    I/O
    I/O read transfer:31.36 KB/sec
    1.02 MB/min
    I/O read operations:8/sec
    343/min
    I/O write transfer:33.78 KB/sec
    274.99 KB/min
    I/O write operations:17/sec
    227/min
    I/O other transfer:65.01 KB/sec
    448.09 KB/min
    I/O other operations:4,000/sec
    1,671/min
    Resource allocations
    Threads:18
    12
    Handles:321
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:64-bit
    Command line:"C:\Program Files\trusteer\rapport\bin\rapportmgmtservice.exe"
    Owner:SYSTEM
    Windows Service
    Service name:RapportMgmtService
    Display name:Rapport Management Service
    Description:“Central Rapport Management and Monitoring Service”
    Type:Win32OwnProcess
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    RapportMgmtService.exe (main module)
    Total CPU:0.10468555%
    0.272967%
    Kernel CPU:0.08496320%
    0.107585%
    User CPU:0.01972235%
    0.165382%
    CPU cycles:2,472,108/sec
    5,741,424/sec
    Memory:916 KB
    1.16 MB
    wow64.dll
    Total CPU:0.00004151%
    Kernel CPU:0.00000000%
    User CPU:0.00004151%
    CPU cycles:10,923/sec
    Memory:252 KB

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 54.35%
    Microsoft Windows XP 13.04%
    Windows 7 Professional 8.70%
    Windows Vista Home Premium 8.70%
    Windows 8 Pro 8.70%
    Windows 7 Ultimate 6.52%

    Distribution by countryDistribution by country

    United States installs about 42.22% of Rapport.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Sony 31.25%
    Dell 25.00%
    Hewlett-Packard 12.50%
    Intel 12.50%
    GIGABYTE 6.25%
    ASUS 6.25%
    Toshiba 6.25%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE